Privacy policy
Last updated: March 1, 2025
1. INTRODUCTION
ByStorm Beauty ("ByStorm," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information.
This Privacy Policy explains how we collect, use, store, and disclose your personal data in compliance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
By accessing www.bystormbeauty.com (the "Site"), purchasing our products, or engaging with us, you agree to this Privacy Policy.
If you do not agree with this Privacy Policy, please do not use our Site or services.
2. WHAT INFORMATION WE COLLECT
We collect personal information that is necessary for our business operations, including fulfilling orders, providing customer service, and ensuring compliance with regulatory requirements.
2.1. Personal Information You Provide
-
We collect personal information you provide when interacting with us, including:
Contact details (e.g., name, email, phone number) - Billing and shipping addresses
- Order history and purchase details
- Payment details (processed securely via third-party payment providers)
- NDIS participant details (if applicable)
- Marketing preferences (if you opt-in to receive updates)
2.2. Automatically Collected Information
When you visit our Site, we may collect certain information automatically, including:
- Device information – IP address, browser type, and operating system
- Usage data – Pages visited, time spent on pages, and browsing behaviour
- Cookies and tracking technologies – To improve your experience and enable site functionality
You can manage your cookie preferences through your browser settings.
3. HOW WE USE YOUR INFORMATION
We use your personal information for the following purposes:
- Processing transactions – To fulfil orders, process payments, and arrange delivery
- Providing customer support – Responding to queries, handling returns, and addressing complaints
- Improving our services – Analysing trends and optimising our Site’s performance
- Marketing & promotions (with consent) – Sending offers, product updates, and newsletters
- Legal and regulatory compliance – Meeting obligations under Australian law and consumer protections
- NDIS-related purchases – Processing invoices and ensuring compliance with NDIS guidelines
We do not sell or rent your personal data to third parties.
4. DISCLOSURE OF YOUR INFORMATION
We may disclose your personal information in the following circumstances:
- To third-party service providers – Including payment processors, logistics providers, and IT support
- For legal compliance – If required by law, government agencies, or law enforcement
- For NDIS claims – When invoicing Plan Managers or the NDIA
- In business transactions – If ByStorm Beauty undergoes a merger, sale, or acquisition
Third-party providers are required to comply with Australian privacy laws and protect your data.
5. HOW WE STORE & PROTECT YOUR DATA
We implement industry-standard security measures to safeguard your personal data against:
- Unauthorised access
- Loss, theft, or misuse
- Unauthorised disclosure or alteration
Our security measures include:
- Encrypted payment processing (we do not store credit card details)
- Secure servers and firewall protection
- Strict access controls and staff training on data security
If a data breach occurs that is likely to result in serious harm, we will notify affected individuals and report it to the Office of the Australian Information Commissioner (OAIC) under the Notifiable Data Breaches (NDB) scheme.
6. YOUR RIGHTS & CHOICES
Under Australian privacy laws, you have the right to:
- Access the personal data we hold about you
- Request corrections if your information is inaccurate or incomplete
- Withdraw consent for marketing communications
- Request deletion of your personal data where legally permitted
- Complain if you believe we have mishandled your personal information
To exercise your rights, email us at hello@bystormbeauty.com.
7. THIRD-PARTY LINKS & SERVICES
Our Site may contain links to third-party websites.
We are not responsible for their privacy policies or security practices. Before providing personal information on third-party sites, review their privacy policies.
8. NDIS PARTICIPANT DATA
If you purchase ByStorm products using NDIS funding, we may collect additional details to process your claim.
- We only collect the necessary information to process NDIS invoices
- We do not store sensitive health information unless required by law
- Your data is only shared with the NDIA, your Plan Manager, or relevant authorities
Participants must ensure their purchase aligns with their NDIS plan and funding criteria.
9. MARKETING & COMMUNICATIONS
We will only send you marketing emails if you opt-in to receive them.
- Unsubscribe at any time by clicking the "unsubscribe" link in emails
- We do not share your contact details with third-party advertisers
We comply with the Australian Spam Act 2003 (Cth) and will never send spam.
10. DATA RETENTION
We only retain personal data for as long as necessary to:
- Provide services
- Fulfil legal and tax obligations
- Resolve disputes
When data is no longer needed, we securely delete or anonymise it.
11. CROSS-BORDER DATA TRANSFERS
- Your data may be stored on secure servers in Australia or overseas.
- If transferred outside Australia, we take steps to ensure your data remains protected under Australian privacy laws.
12. UPDATES TO THIS POLICY
We may update this Privacy Policy periodically to reflect changes in laws or business practices.
- Updates take effect immediately upon posting on our Site
- Continued use of our Site after updates constitutes acceptance
We recommend reviewing this policy regularly.
13. HOW TO CONTACT US
If you have any privacy-related concerns, data access requests, or complaints, contact us:
📩 Email: hello@bystormbeauty.com
📍 Address: 32 Croft Road, Eleebana, NSW, Australia
If you believe we have mishandled your data, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.